84 matches found
CVE-2020-10399
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-user.php by adding a question mark ? followed by the payload...
PT-2020-12137 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the GET parameter p in the admin/edit-comment.php file. This enables attackers to perform a Reflected XSS attack...
CVE-2019-7437
PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected Cross-Site Scripting XSS via the Search field...
CVE-2018-18940
servlet/SnoopServlet a servlet installed by default in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=XSS in the query string. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTML or JavaScript code to a vulnerable web...